Re: OWA thru ISA - Repeated authentication requests

  • From: "David Dellanno" <ddellanno@xxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 24 Apr 2002 10:47:57 -0400

I can think of three things that you may want to check.

        1.)  Make sure your Browser (IE as an example) under Security Tab,
highlight your Internet Zone, an click on Custom Level..., at the very
bottom, verify that "Prompt for user name and password" radio button is NOT
selected.  If you are not sure, reset all Zones to the Default Settings.

        2.)     At the Exchange 2000 Server, verify your Authentication
Settings are applied correctly, both IIS MMC and Exchange System Manager
Tool.   NOTE: Do not make Authentication changes using the IIS MMC tool. 

        3.)  At the ISA Server, 

Internet Security and Acceleration Server
        |_ Servers and Arrays
                |_ Server_Name (Properities)

Select "Incoming Web Request" tab, verify "Configure listeners individually
per IP address" radio button is select.  Highlight the IP Address listening
for your OWA request, then click Edit.  Under Authentication, select "Basic
with this domain" enter your Domain Name.


Hi Jim Harrison, I might be wrong about step 3.  Just to double check if this
might help Joel's issue.

Dave

-----Original Message-----
From: Joel Mansford [mailto:Joel.Mansford@xxxxxxxxxxxxxxx] 
Sent: Wednesday, April 24, 2002 9:40 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: OWA thru ISA - Repeated authentication requests


http://www.ISAserver.org


Cheers for that, it worked a treat.

Now if I can only figure out why it repeatedly asks for authentication I'll
be sorted!  As an example, I'll go onto the /exchange/ site, and it'll show
the inbox fine.  It will then immediately pop up a username/password box.  I
enter the details.  I then click calendar, it then asks me for
username/password five times before letting me in. You don't even have to be
using and it'll pop up a username/password box.

Any ideas?

Joel.

-----Original Message-----
From: David Dellanno [mailto:ddellanno@xxxxxxxxxxxxxxx] 
Sent: 24 April 2002 14:12
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: OWA thru ISA


http://www.ISAserver.org


Hi Joel, if you are using Exchange 2000 with OWA, unfortunately you need to
change at the OWA web site, to use only "Basic Clear Text".   This will
increase the performance for outside users.  Since you have the SSL working
you won't have to worry about the lesser of the authentication.

IMPORTANT: To make the authentication change for OWA, you need to perform it
at the Exchange Server or the Front-End Server,by using the Exchange System
Manager Tool.

Organization
        |_First Administrative Group
                |_Servers
                        |_Server_Name
                                |_Protocols
                                        |_HTTP
                                                |_ Exchange Vitural
Server
                                                        |_ Exchange and
Public 

You should find the Authentication Button in the Exchange/Public Properites

                                                        

-----Original Message-----
From: Joel Mansford [mailto:Joel.Mansford@xxxxxxxxxxxxxxx] 
Sent: Wednesday, April 24, 2002 6:07 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: OWA thru ISA

http://www.ISAserver.org


I have issues with the speed of it through ISA.  I find the initial screen
takes a very long time to come up (up to 2mins).  It's not a bandwidth issue
I'm sure, and it's perfectly quick from inside the network.

My second problem is that it repeatedly asks for authentication, the only way
around it is to allow IE to store the username and password, hardly secure!

Anyone got any ideas about the authentication?

Cheers,

Joel.

-----Original Message-----
From: Deus, Attonbitus [mailto:Thor@xxxxxxxxxxxxxxx] 
Sent: 23 April 2002 21:54
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: OWA thru ISA


http://www.ISAserver.org



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 01:38 PM 4/23/2002, you wrote:

>Finally got it working but geez is it slow accessing via DSL back thru 
>a T-1.  I got it working using Server Publishing with the HTTPS 
>protocol
>definition.   Anyone have any ideas as too why it is so slow??


I should have mentioned that I used server publishing too... Glad it is 
up.  Mine is not too bad- the initial authentication takes a moment, but

the rest of it is pretty quick even over HTTPS.  I'm running it on a pretty 
hefty box, though.

While we are at it, has anyone successfully published an off-site Exchange 
Instant Messanger site for basic-authentication access to?  Any magic 
there?  I have not been able to get one to work...



-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQA/AwUBPMXJ14hsmyD15h5gEQIC0gCdFaRD9RB4SgoWr2VQhWwGf889zUMAnime
Eq4RZ5FOg4E98ET2qgVcAWdP
=0RM0
-----END PGP SIGNATURE-----


------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
Joel.Mansford@xxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')

This e-mail has been scanned for all known viruses by Star Internet on behalf
of The Instrumental Media Group.  Whilst every care has been taken to ensure
this message is virus-free, neither Star Internet or The Instrumental Media
Group can be held responsible for any virus it may contain.
http://www.instrumentalmedia.com

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
ddellanno@xxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
Joel.Mansford@xxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')

This e-mail has been scanned for all known viruses by Star Internet on behalf
of The Instrumental Media Group.  Whilst every care has been taken to ensure
this message is virus-free, neither Star Internet or The Instrumental Media
Group can be held responsible for any virus it may contain.
http://www.instrumentalmedia.com

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
ddellanno@xxxxxxxxxxxxxxx To unsubscribe send a blank email to
$subst('Email.Unsub')


Other related posts: